{"id":"CVE-2017-5447","details":"An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird \u003c 52.1, Firefox ESR \u003c 45.9, Firefox ESR \u003c 52.1, and Firefox \u003c 53.","modified":"2026-03-12T22:39:10.211356Z","published":"2018-06-11T21:29:06.390Z","related":["MGASA-2017-0118","MGASA-2017-0139","MGASA-2018-0018","SUSE-SU-2017:1175-1","SUSE-SU-2017:1248-1","SUSE-SU-2017:1669-1","SUSE-SU-2017:2235-1","openSUSE-SU-2017:1268-1","openSUSE-SU-2024:10600-1","openSUSE-SU-2024:10601-1","openSUSE-SU-2024:14572-1"],"references":[{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2017-13/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97940"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1038320"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1104"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1106"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1201"},{"type":"ADVISORY","url":"https://www.debian.org/security/2017/dsa-3831"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2017-10/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2017-11/"},{"type":"ADVISORY","url":"https://www.mozilla.org/security/advisories/mfsa2017-12/"},{"type":"REPORT","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1343552"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/42071/"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-5447.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.3"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.5"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"fixed":"45.9.0"}]},{"events":[{"introduced":"0"},{"fixed":"53.0"}]},{"events":[{"introduced":"0"},{"last_affected":"52.0"}]},{"events":[{"introduced":"0"},{"fixed":"52.1.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}]}